8e07dd1c1d48abfa44bf0d6308fa48aadbe12e4f2706a8050360b84726267ed1

Submit
Reports

Overview

overview

Static

static

Dead By Daylight.exe

windows7-x64

Dead By Daylight.exe

windows10-2004-x64

$PLUGINSDI...ls.dll

windows7-x64

$PLUGINSDI...ls.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

$PLUGINSDI...em.dll

windows10-2004-x64

Dead By Daylight.exe

windows7-x64

Dead By Daylight.exe

windows10-2004-x64

LICENSES.c...m.html

windows7-x64

LICENSES.c...m.html

windows10-2004-x64

d3dcompiler_47.dll

windows10-2004-x64

ffmpeg.dll

windows7-x64

ffmpeg.dll

windows10-2004-x64

libEGL.dll

windows7-x64

libEGL.dll

windows10-2004-x64

libGLESv2.dll

windows7-x64

libGLESv2.dll

windows10-2004-x64

resources/...05.dll

windows7-x64

resources/...05.dll

windows10-2004-x64

resources/...am.exe

windows7-x64

resources/...am.exe

windows10-2004-x64

resources/...ot.exe

windows7-x64

resources/...ot.exe

windows10-2004-x64

resources/elevate.exe

windows7-x64

resources/elevate.exe

windows10-2004-x64

swiftshade...GL.dll

windows7-x64

swiftshade...GL.dll

windows10-2004-x64

swiftshade...v2.dll

windows7-x64

swiftshade...v2.dll

windows10-2004-x64

vk_swiftshader.dll

windows7-x64

vk_swiftshader.dll

windows10-2004-x64

vulkan-1.dll

windows7-x64

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
13/07/2024, 23:09 UTC

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Dead By Daylight.exe

Resource

win7-20240708-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

Dead By Daylight.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

18 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/StdUtils.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/StdUtils.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

Dead By Daylight.exe

Resource

win7-20240704-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral8

Sample

Dead By Daylight.exe

Resource

win10v2004-20240709-en

evasion execution persistence privilege_escalation spyware stealer

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral9

Sample

LICENSES.chromium.html

Resource

win7-20240708-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

LICENSES.chromium.html

Resource

win10v2004-20240709-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral11

Sample

d3dcompiler_47.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

ffmpeg.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

ffmpeg.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

libEGL.dll

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

libEGL.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

libGLESv2.dll

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

libGLESv2.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

resources/app.asar.unpacked/node_modules/take-cam/DirectShowLib-2005.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

resources/app.asar.unpacked/node_modules/take-cam/DirectShowLib-2005.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

resources/app.asar.unpacked/node_modules/take-cam/prey-webcam.exe

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

resources/app.asar.unpacked/node_modules/take-cam/prey-webcam.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

resources/app.asar.unpacked/node_modules/take-cam/snapshot.exe

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

resources/app.asar.unpacked/node_modules/take-cam/snapshot.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

resources/elevate.exe

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

resources/elevate.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

swiftshader/libEGL.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

swiftshader/libEGL.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

swiftshader/libGLESv2.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

swiftshader/libGLESv2.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

vk_swiftshader.dll

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

vk_swiftshader.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

vulkan-1.dll

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

vk_swiftshader.dll
Size

4.4MB
MD5

de2d91476e625278c30a5f69a1892e05
SHA1

4d707f6a801611fb437f5c1cba31b0909bf41506
SHA256

02c7f0b926c64f5a19a9aacd5f94ee00be4d576486592e18acc80c0a027b05ba
SHA512

d027407539346e5aedd527f5f71de45bace6295e96a7fbefbf273c930d64a791e488e4bdf6ef8db61fc19c80cac52a6e398c2973499c6fedb1e422c3ba71f532
SSDEEP

49152:px2VjoakX4pb7QH1fUlTB7zmNmdpTE5NSomaZXYjLlHks2RPF/lOzl+LZ/n6du7F:K2DtJ+wixdag

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 484 wrote to memory of 760	484	rundll32.exe	31
PID 484 wrote to memory of 760	484	rundll32.exe	31
PID 484 wrote to memory of 760	484	rundll32.exe	31

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\vk_swiftshader.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:484
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 484 -s 80
  2⤵
  PID:760

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.